diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..be25674 --- /dev/null +++ b/.gitignore @@ -0,0 +1,37 @@ +rubygems-1.3.7.tgz +/rubygems-1.5.0.tgz +/rubygems-1.5.2.tgz +/rubygems-1.5.3.tgz +/rubygems-1.6.0.tgz +/rubygems-1.6.1.tgz +/rubygems-1.6.2.tgz +/rubygems-1.7.2.tgz +/rubygems-1.8.5.tgz +/rubygems-1.8.6.tgz +/rubygems-1.8.7.tgz +/rubygems-1.8.8.tgz +/rubygems-1.8.9.tgz +/rubygems-1.8.10.tgz +/rubygems-1.8.11.tgz +/rubygems-1.8.15.tgz +/rubygems-1.8.22.tgz +/rubygems-1.8.23.tgz +/rubygems-1.8.24.tgz +/rubygems-1.8.25.tgz +/rubygems-2.0.0.tgz +/rubygems-2.0.3.tgz +/rubygems-2.0.5.tgz +/rubygems-2.0.6.tgz +/rubygems-2.0.7.tgz +/rubygems-2.0.8.tgz +/rubygems-2.0.9.tgz +/rubygems-2.0.10.tgz +/rubygems-2.0.11.tgz +/rubygems-2.0.12.tgz +/rubygems-2.1.9.tgz +/rubygems-2.1.10.tgz +/rubygems-2.1.11.tgz +/rubygems-2.2.2.tgz +/rubygems-2.4.8.tgz +/rubygems-2.6.10.tgz +/rubygems-2.6.13.tgz diff --git a/check_CVE-2013-4287.rb b/check_CVE-2013-4287.rb new file mode 100644 index 0000000..a643b57 --- /dev/null +++ b/check_CVE-2013-4287.rb @@ -0,0 +1,29 @@ +require 'benchmark' +require 'rubygems' + +valid = Benchmark.measure do + Gem::Version.new '1.22.333.4444.55555.666666.7777777' +end + +puts 'Valid version time:' +puts valid + +invalid = Benchmark.measure do + begin + Gem::Version.new '1.22.333.4444.55555.666666.7777777.' + rescue + end +end + +puts 'Invalid version time:' +puts invalid + +n = (valid.real - invalid.real).abs + +if 0.1 < n then + puts 'You are vulnerable to CVE-2013-4287.' + exit(1) +else + puts 'You are NOT vulnerable to CVE-2013-4287.' +end + diff --git a/check_CVE-2013-4363.rb b/check_CVE-2013-4363.rb new file mode 100644 index 0000000..7843fcd --- /dev/null +++ b/check_CVE-2013-4363.rb @@ -0,0 +1,29 @@ +require 'benchmark' +require 'rubygems' + +valid = Benchmark.measure do + Gem::Version.new '111111111111111111111111' +end + +puts 'Valid version time:' +puts valid + +invalid = Benchmark.measure do + begin + Gem::Version.new '111111111111111111111111.' + rescue + end +end + +puts 'Invalid version time:' +puts invalid + +n = (valid.real - invalid.real).abs + +if 0.1 < n then + puts 'You are vulnerable to CVE-2013-XXXX.' + exit(1) +else + puts 'You are NOT vulnerable to CVE-2013-XXXX.' +end + diff --git a/dead.package b/dead.package deleted file mode 100644 index b4bbd71..0000000 --- a/dead.package +++ /dev/null @@ -1 +0,0 @@ -rubygems fails to build from source: https://bugzilla.redhat.com/show_bug.cgi?id=1675964 diff --git a/macros.rubygems b/macros.rubygems new file mode 100644 index 0000000..0652ec6 --- /dev/null +++ b/macros.rubygems @@ -0,0 +1,130 @@ +# The RubyGems root folder. +%gem_dir %{_datadir}/gems +%gem_archdir %{_libdir}/gems + +# Common gem locations and files. +%gem_instdir %{gem_dir}/gems/%{gem_name}-%{version}%{?prerelease} +%gem_extdir_mri %{gem_archdir}/%{name}/%{gem_name}-%{version}%{?prerelease} +%gem_libdir %{gem_instdir}/lib +%gem_cache %{gem_dir}/cache/%{gem_name}-%{version}%{?prerelease}.gem +%gem_spec %{gem_dir}/specifications/%{gem_name}-%{version}%{?prerelease}.gemspec +%gem_docdir %{gem_dir}/doc/%{gem_name}-%{version}%{?prerelease} + + +# %gem_install - Install gem into appropriate directory. +# +# Usage: %gem_install [options] +# +# -n Overrides gem file name for installation. +# -d Set installation directory. +# +%gem_install(d:n:) \ +mkdir -p %{-d*}%{!?-d:.%{gem_dir}} \ +\ +CONFIGURE_ARGS="--with-cflags='%{optflags}' $CONFIGURE_ARGS" \\\ +gem install \\\ + -V \\\ + --local \\\ + --build-root %{-d*}%{!?-d:.} \\\ + --force \\\ + --document=ri,rdoc \\\ + %{-n*}%{!?-n:%{gem_name}-%{version}%{?prerelease}.gem} \ +%{nil} + + +# For rubygems packages we want to filter out any provides caused by private +# libs in %%{gem_archdir}. +# +# Note that this must be invoked in the spec file, preferably as +# "%{?rubygems_default_filter}", before any %description block. +%rubygems_default_filter %{expand: \ +%global __provides_exclude_from %{?__provides_exclude_from:%{__provides_exclude_from}|}^%{gem_extdir_mri}/.*\\\\.so$ \ +} + + +# The 'read' command in gemspec_add _depand gemspec_remove_dep macros is not +# essential, but it is usefull to make the sript appear in build log. + + +# %gemspec_add_dep - Add dependency into .gemspec. +# +# Usage: %gemspec_add_dep -g [options] [requirements] +# +# Add dependency named to .gemspec file. The macro adds runtime +# dependency by default. The [requirements] argument can be used to specify +# the dependency constraints more precisely. It is expected to be valid Ruby +# code. +# +# -s Overrides the default .gemspec location. +# -d Add development dependecy. +# +%gemspec_add_dep(g:s:d) \ +read -d '' gemspec_add_dep_script << 'EOR' || : \ + gemspec_file = '%{-s*}%{!?-s:./%{gem_name}.gemspec}' \ + \ + name = '%{-g*}' \ + requirements = %{*}%{!?1:nil} \ + \ + type = :%{!?-d:runtime}%{?-d:development} \ + \ + spec = Gem::Specification.load(gemspec_file) \ + abort("#{gemspec_file} is not accessible.") unless spec \ + \ + dep = spec.dependencies.detect { |d| d.type == type && d.name == name } \ + if dep \ + dep.requirement.concat requirements \ + else \ + spec.public_send "add_#{type}_dependency", name, requirements \ + end \ + File.write gemspec_file, spec.to_ruby \ +EOR\ +echo "$gemspec_add_dep_script" | ruby \ +unset -v gemspec_add_dep_script \ +%{nil} + + +# %gemspec_remove_dep - Remove dependency from .gemspec. +# +# Usage: %gemspec_remove_dep -g [options] [requirements] +# +# Remove dependency named from .gemspec file. The macro removes runtime +# dependency by default. The [requirements] argument can be used to specify +# the dependency constraints more precisely. It is expected to be valid Ruby +# code. The macro fails if these specific requirements can't be removed. +# +# -s Overrides the default .gemspec location. +# -d Remove development dependecy. +# +%gemspec_remove_dep(g:s:d) \ +read -d '' gemspec_remove_dep_script << 'EOR' || : \ + gemspec_file = '%{-s*}%{!?-s:./%{gem_name}.gemspec}' \ + \ + name = '%{-g*}' \ + requirements = %{*}%{!?1:nil} \ + \ + type = :%{!?-d:runtime}%{?-d:development} \ + \ + spec = Gem::Specification.load(gemspec_file) \ + abort("#{gemspec_file} is not accessible.") unless spec \ + \ + dep = spec.dependencies.detect { |d| d.type == type && d.name == name } \ + if dep \ + if requirements \ + requirements = Gem::Requirement.create(requirements).requirements \ + requirements.each do |r| \ + unless dep.requirement.requirements.reject! { |dependency_requirements| dependency_requirements == r } \ + abort("Requirement '#{r.first} #{r.last}' was not possible to remove for dependency '#{dep}'!") \ + end \ + end \ + spec.dependencies.delete dep if dep.requirement.requirements.empty? \ + else \ + spec.dependencies.delete dep \ + end \ + else \ + abort("Dependency '#{name}' was not found!") \ + end \ + File.write gemspec_file, spec.to_ruby \ +EOR\ +echo "$gemspec_remove_dep_script" | ruby \ +unset -v gemspec_remove_dep_script \ +%{nil} diff --git a/operating_system.rb b/operating_system.rb new file mode 100644 index 0000000..4b2903d --- /dev/null +++ b/operating_system.rb @@ -0,0 +1,146 @@ +module Gem + class << self + + ## + # Returns full path of previous but one directory of dir in path + # E.g. for '/usr/share/ruby', 'ruby', it returns '/usr' + + def previous_but_one_dir_to(path, dir) + return unless path + + split_path = path.split(File::SEPARATOR) + File.join(split_path.take_while { |one_dir| one_dir !~ /^#{dir}$/ }[0..-2]) + end + private :previous_but_one_dir_to + + ## + # Detects --install-dir option specified on command line. + + def opt_install_dir? + @opt_install_dir ||= ARGV.include?('--install-dir') || ARGV.include?('-i') + end + private :opt_install_dir? + + ## + # Detects --build-root option specified on command line. + + def opt_build_root? + @opt_build_root ||= ARGV.include?('--build-root') + end + private :opt_build_root? + + ## + # Tries to detect, if arguments and environment variables suggest that + # 'gem install' is executed from rpmbuild. + + def rpmbuild? + @rpmbuild ||= ENV['RPM_PACKAGE_NAME'] && (opt_install_dir? || opt_build_root?) + end + private :rpmbuild? + + ## + # Default gems locations allowed on FHS system (/usr, /usr/share). + # The locations are derived from directories specified during build + # configuration. + + def default_locations + @default_locations ||= { + :system => previous_but_one_dir_to(RbConfig::CONFIG['vendordir'], RbConfig::CONFIG['RUBY_INSTALL_NAME']), + :local => previous_but_one_dir_to(RbConfig::CONFIG['sitedir'], RbConfig::CONFIG['RUBY_INSTALL_NAME']) + } + end + + ## + # For each location provides set of directories for binaries (:bin_dir) + # platform independent (:gem_dir) and dependent (:ext_dir) files. + + def default_dirs + @libdir ||= case RUBY_PLATFORM + when 'java' + RbConfig::CONFIG['datadir'] + else + RbConfig::CONFIG['libdir'] + end + + @default_dirs ||= default_locations.inject(Hash.new) do |hash, location| + destination, path = location + + hash[destination] = if path + { + :bin_dir => File.join(path, RbConfig::CONFIG['bindir'].split(File::SEPARATOR).last), + :gem_dir => File.join(path, RbConfig::CONFIG['datadir'].split(File::SEPARATOR).last, 'gems'), + :ext_dir => File.join(path, @libdir.split(File::SEPARATOR).last, 'gems') + } + else + { + :bin_dir => '', + :gem_dir => '', + :ext_dir => '' + } + end + + hash + end + end + + ## + # Remove methods we are going to override. This avoids "method redefined;" + # warnings otherwise issued by Ruby. + + remove_method :default_dir if method_defined? :default_dir + remove_method :default_path if method_defined? :default_path + remove_method :default_bindir if method_defined? :default_bindir + remove_method :default_ext_dir_for if method_defined? :default_ext_dir_for + + ## + # RubyGems default overrides. + + def default_dir + if opt_build_root? + Gem.default_dirs[:system][:gem_dir] + elsif Process.uid == 0 + Gem.default_dirs[:local][:gem_dir] + else + Gem.user_dir + end + end + + def default_path + path = default_dirs.collect {|location, paths| paths[:gem_dir]} + path.unshift Gem.user_dir if File.exist? Gem.user_home + end + + def default_bindir + if opt_build_root? + Gem.default_dirs[:system][:bin_dir] + elsif Process.uid == 0 + Gem.default_dirs[:local][:bin_dir] + else + File.join [Dir.home, 'bin'] + end + end + + def default_ext_dir_for base_dir + dir = if rpmbuild? + build_dir = base_dir.chomp Gem.default_dirs[:system][:gem_dir] + if build_dir != base_dir + File.join build_dir, Gem.default_dirs[:system][:ext_dir] + end + else + dirs = Gem.default_dirs.detect {|location, paths| paths[:gem_dir] == base_dir} + dirs && dirs.last[:ext_dir] + end + dir && File.join(dir, RbConfig::CONFIG['RUBY_INSTALL_NAME']) + end + + # This method should be available since RubyGems 2.2 until RubyGems 3.0. + # https://github.com/rubygems/rubygems/issues/749 + if method_defined? :install_extension_in_lib + remove_method :install_extension_in_lib + + def install_extension_in_lib + false + end + end + end +end diff --git a/rubygems-2.6.13-Ignored-test-for-real-world-default-gem.patch b/rubygems-2.6.13-Ignored-test-for-real-world-default-gem.patch new file mode 100644 index 0000000..54e3ad0 --- /dev/null +++ b/rubygems-2.6.13-Ignored-test-for-real-world-default-gem.patch @@ -0,0 +1,51 @@ +From 8598da6ea02fe69c20f93ac4d5504ca4aba6fe6b Mon Sep 17 00:00:00 2001 +From: SHIBATA Hiroshi +Date: Wed, 9 Aug 2017 16:30:53 +0900 +Subject: [PATCH 1/2] Ignored test for real world default gem. + + Because default gem was enabled after ruby installation that + is `make install` +--- + test/rubygems/test_require.rb | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/test/rubygems/test_require.rb b/test/rubygems/test_require.rb +index 936f78fb2..c44c759cc 100644 +--- a/test/rubygems/test_require.rb ++++ b/test/rubygems/test_require.rb +@@ -303,6 +303,12 @@ def test_default_gem_only + + def test_realworld_default_gem + skip "no default gems on ruby < 2.0" unless RUBY_VERSION >= "2" ++ begin ++ gem 'json' ++ rescue Gem::MissingSpecError ++ skip "default gems is only available after ruby installation" ++ end ++ + cmd = <<-RUBY + $stderr = $stdout + require "json" + +From 0dafce8188691a7b942ed4724a0d0e462e74a809 Mon Sep 17 00:00:00 2001 +From: SHIBATA Hiroshi +Date: Wed, 9 Aug 2017 21:06:41 +0900 +Subject: [PATCH 2/2] Fixed grammer + +--- + test/rubygems/test_require.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/rubygems/test_require.rb b/test/rubygems/test_require.rb +index c44c759cc..edb36f1f3 100644 +--- a/test/rubygems/test_require.rb ++++ b/test/rubygems/test_require.rb +@@ -306,7 +306,7 @@ def test_realworld_default_gem + begin + gem 'json' + rescue Gem::MissingSpecError +- skip "default gems is only available after ruby installation" ++ skip "default gems are only available after ruby installation" + end + + cmd = <<-RUBY diff --git a/rubygems.attr b/rubygems.attr new file mode 100644 index 0000000..f033d43 --- /dev/null +++ b/rubygems.attr @@ -0,0 +1,5 @@ +%__rubygems_requires %{_rpmconfigdir}/rubygems.req +%__rubygems_provides %{_rpmconfigdir}/rubygems.prov +# In non-gem packages, the %%{gem_name} macro is not available and the macro +# stays unexpanded which leads to "invalid regex" error (rhbz#1154067). +%__rubygems_path ^%{?gem_name:%{gem_spec}}%{!?gem_name:this_should_never_match_anything}$ diff --git a/rubygems.prov b/rubygems.prov new file mode 100644 index 0000000..b7c9777 --- /dev/null +++ b/rubygems.prov @@ -0,0 +1,36 @@ +#!/usr/bin/ruby + +require 'rubygems/package' + +module RubyGemsProv + module Helpers + # If there is some prelease version files, such as rc1 (i.e. non-numeric + # field), prepend this field by tilde instead of dot. + def self.normalize_prerelease(version) + if version.prerelease? + prerelease = version.version.sub /^#{version.release}\./, '' + "#{version.release}-0.1.#{prerelease}" + else + "#{version.release}-1" + end + end + end + + # Reports all functionality gem provides. + def self.provides + while filename = gets + filename.strip! + begin + specification = Gem::Specification.load filename + + puts "rubygem(#{specification.name}) = #{Helpers::normalize_prerelease(specification.version)}" + rescue => e + # Ignore all errors. + end + end + end +end + +if __FILE__ == $0 + RubyGemsProv::provides +end diff --git a/rubygems.req b/rubygems.req new file mode 100644 index 0000000..4f7a583 --- /dev/null +++ b/rubygems.req @@ -0,0 +1,81 @@ +#!/usr/bin/ruby + +require 'rubygems/package' + +module RubyGemsReq + module Helpers + # Expands '~>' and '!=' gem requirements. + def self.expand_requirement(requirements) + requirements.inject([]) do |output, r| + output.concat case r.first + when '~>' + expand_pessimistic_requirement(r) + when '!=' + expand_not_equal_requirement(r) + else + [r] + end + end + end + + # Expands the pessimistic version operator '~>' into equivalent '>=' and + # '<' pair. + def self.expand_pessimistic_requirement(requirement) + next_version = Gem::Version.create(requirement.last).bump + return ['>=', requirement.last], ['<', next_version] + end + + # Expands the not equal version operator '!=' into equivalent '<' and + # '>' pair. + def self.expand_not_equal_requirement(requirement) + return ['<', requirement.last], ['>', requirement.last] + end + + # Converts Gem::Requirement into array of requirements strings compatible + # with RPM .spec file. + def self.requirement_versions_to_rpm(requirement) + self.expand_requirement(requirement.requirements).map do |op, version| + version == Gem::Version.new(0) ? "" : "#{op} #{version}" + end + end + end + + # Report RubyGems dependency, versioned if required. + def self.rubygems_dependency(specification) + Helpers::requirement_versions_to_rpm(specification.required_rubygems_version).each do |requirement| + dependency_string = "ruby(rubygems)" + dependency_string += " #{specification.required_rubygems_version}" if requirement && requirement.length > 0 + puts dependency_string + end + end + + # Report all gem dependencies including their version. + def self.gem_depenencies(specification) + specification.runtime_dependencies.each do |dependency| + Helpers::requirement_versions_to_rpm(dependency.requirement).each do |requirement| + dependency_string = "rubygem(#{dependency.name})" + dependency_string += " #{requirement}" if requirement && requirement.length > 0 + puts dependency_string + end + end + end + + # Reports all requirements specified by all provided .gemspec files. + def self.requires + while filename = gets + filename.strip! + begin + specification = Gem::Specification.load filename + + rubygems_dependency(specification) + gem_depenencies(specification) + rescue => e + # Ignore all errors. + end + end + end +end + +if __FILE__ == $0 + RubyGemsReq::requires +end diff --git a/rubygems.spec b/rubygems.spec new file mode 100644 index 0000000..b05960b --- /dev/null +++ b/rubygems.spec @@ -0,0 +1,518 @@ +# Upstream git: +# https://github.com/rubygems/rubygems.git +# + +# Bundled libraries versions +%global molinillo_version 0.5.7 + +# Requires versions +%global io_console_version 0.4.6 +%global json_version 2.0.2 +%global openssl_version 2.0.2 +%global psych_version 2.2.2 +%global rdoc_version 5.0.0 + +# The RubyGems library has to stay out of Ruby directory three, since the +# RubyGems should be share by all Ruby implementations. +%global rubygems_dir %(ruby -e "puts RbConfig::CONFIG['rubygemsdir']") + +# TODO: These folders should go into rubygem-filesystem but how to achieve it, +# since noarch package cannot provide arch dependent subpackages? +# http://rpm.org/ticket/78 +%global gem_extdir %{_exec_prefix}/lib{,64}/gems + +# Executing testsuite (enabling %%check section) will cause dependency loop. +# To avoid dependency loop when necessary, please set the following value to 0 +%global enable_check 1 + +# It cannot be relied on %%{_libdir} for noarch packages. Query Ruby for +# the right value. +# https://fedorahosted.org/rel-eng/ticket/5257 +%{!?buildtime_libdir:%global buildtime_libdir $(ruby -rrbconfig -e 'puts RbConfig::CONFIG["libdir"]')} + +Summary: The Ruby standard for packaging ruby libraries +Name: rubygems +Version: 2.6.13 +Release: 104%{?dist} +License: Ruby or MIT + +URL: https://rubygems.org/ +Source0: http://production.cf.rubygems.org/rubygems/%{name}-%{version}.tgz +# Sources from the works by Vít Ondruch +# Please keep Source{1,5,8,9,10} in sync with ruby.spec +Source1: operating_system.rb +Source5: macros.rubygems +# RPM dependency generators. +Source8: rubygems.attr +Source9: rubygems.req +Source10: rubygems.prov +# http://seclists.org/oss-sec/2013/q3/att-576/check_CVE-2013-4287_rb.bin +# Slightly modified for exit status +Source11: check_CVE-2013-4287.rb +# http://seclists.org/oss-sec/2013/q3/att-621/check_CVE-2013-XXXX_rb.bin +# Slightly modified for exit status, +# Also modified to match: +# http://seclists.org/oss-sec/2013/q3/605 +Source12: check_CVE-2013-4363.rb + +# Ignore failing TestGemRequire#test_realworld_default_gem with +# --disable-gems option. +# https://github.com/rubygems/rubygems/pull/1986 +Patch0: rubygems-2.6.13-Ignored-test-for-real-world-default-gem.patch + +%{?load:%{SOURCE5}} + +Requires: ruby(release) +Recommends: rubygem(rdoc) >= %{rdoc_version} +Recommends: rubygem(io-console) >= %{io_console_version} +Requires: rubygem(openssl) >= %{openssl_version} +Requires: rubygem(psych) >= %{psych_version} +BuildRequires: ruby(release) +BuildRequires: rubygem(json) +BuildRequires: rubygem(rdoc) +%if %{enable_check} +# For mkmf.rb +BuildRequires: ruby-devel +BuildRequires: rubygem(minitest) < 5 +BuildRequires: rubygem(rake) +# TestGemExtCmakeBuilder +BuildRequires: %{_bindir}/cmake +BuildRequires: git +BuildRequires: rubygem(builder) +%endif +Provides: gem = %{version}-%{release} +Provides: ruby(rubygems) = %{version}-%{release} +# https://github.com/rubygems/rubygems/pull/1189#issuecomment-121600910 +Provides: bundled(rubygem(molinillo)) = %{molinillo_version} +Provides: bundled(rubygem-molinillo) = %{molinillo_version} +BuildArch: noarch + +%description +RubyGems is the Ruby standard for publishing and managing third party +libraries. + +%package devel +Summary: Macros and development tools for packaging RubyGems +License: Ruby or MIT +Requires: ruby(%{name}) = %{version}-%{release} +# Needed for RDoc documentation format generation. +Requires: rubygem(json) >= %{json_version} +Requires: rubygem(rdoc) >= %{rdoc_version} +BuildArch: noarch + +%description devel +Macros and development tools for packaging RubyGems. + +%package doc +Summary: Documentation for %{name} +License: Ruby or MIT +Requires: ruby(%{name}) = %{version}-%{release} +BuildArch: noarch + +%description doc +Documentation for %{name}. + +%prep +%setup -q + +%patch0 -p1 + +%build +# Nothing + +%install +GEM_HOME=%{buildroot}/%{gem_dir} \ + ruby setup.rb \ + --document rdoc,ri \ + --prefix=/ \ + --backtrace \ + --destdir=%{buildroot}/%{rubygems_dir}/ + +mkdir -p %{buildroot}/%{_bindir} +mv %{buildroot}/%{rubygems_dir}/bin/gem %{buildroot}/%{_bindir}/gem +rm -rf %{buildroot}/%{rubygems_dir}/bin + +mv %{buildroot}/%{rubygems_dir}/lib/* %{buildroot}/%{rubygems_dir}/. +# No longer needed +rmdir %{buildroot}%{rubygems_dir}/lib + +# Kill bundled certificates, as they should be part of ca-certificates. +for cert in \ + rubygems.global.ssl.fastly.net/DigiCertHighAssuranceEVRootCA.pem \ + rubygems.org/AddTrustExternalCARoot.pem \ + index.rubygems.org/GlobalSignRootCA.pem +do + rm %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert + rm -r $(dirname %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/$cert) +done +# Ensure there is not forgotten any certificate. +test ! "$(ls -A %{buildroot}%{rubygems_dir}/rubygems/ssl_certs/ 2>/dev/null)" + +# Move macros file into proper place and replace the %%{name} macro, since it +# would be wrongly evaluated during build of other packages. +mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d +install -m 644 %{SOURCE5} %{buildroot}%{_rpmconfigdir}/macros.d/macros.rubygems +sed -i "s/%%{name}/ruby/" %{buildroot}%{_rpmconfigdir}/macros.d/macros.rubygems + +# Install dependency generators. +mkdir -p %{buildroot}%{_rpmconfigdir}/fileattrs +install -m 644 %{SOURCE8} %{buildroot}%{_rpmconfigdir}/fileattrs +install -m 755 %{SOURCE9} %{buildroot}%{_rpmconfigdir} +install -m 755 %{SOURCE10} %{buildroot}%{_rpmconfigdir} + +# Install custom operating_system.rb. +mkdir -p %{buildroot}%{rubygems_dir}/rubygems/defaults +install -cpm 0644 %{SOURCE1} %{buildroot}%{rubygems_dir}/rubygems/defaults/ + +# Create gem folders. +mkdir -p %{buildroot}%{gem_dir}/{cache,gems,specifications,extensions,doc} +mkdir -p %{buildroot}%{gem_extdir}/ruby + +# Create below +mkdir -p %{buildroot}%{gem_dir}/specifications/default + +%check +# Create an empty operating_system.rb, so that the system's one doesn't get used, +# otherwise the test suite fails. +mkdir -p lib/rubygems/defaults +touch lib/rubygems/defaults/operating_system.rb + +# It is necessary to specify the paths to let the test suite pass." +export GEM_PATH=%{gem_dir} +export RUBYOPT="--disable-gems -Ilib:test" + +# Check Molinillo version correctness. +[ "`ruby -e 'module Gem; module Resolver; end; end; require %{rubygems/resolver/molinillo/lib/molinillo/gem_metadata}; puts Gem::Resolver::Molinillo::VERSION' | tail -1`" \ + == '%{molinillo_version}' ] + +%if %{enable_check} +ruby -e 'Dir.glob "./test/**/test_*.rb", &method(:require)' + +# CVE vulnerability check +ruby %{SOURCE11} +ruby %{SOURCE12} +%endif + +%files +%doc README* +%doc History.txt +%license MIT.txt LICENSE.txt +%doc CVE-*txt +%{_bindir}/gem +%dir %{rubygems_dir} +%{rubygems_dir}/rubygems +%{rubygems_dir}/rubygems.rb +%{rubygems_dir}/ubygems.rb + +# Explicitly include only RubyGems directory strucure to avoid accidentally +# packaged content. +%dir %{gem_dir} +%dir %{gem_dir}/build_info +%dir %{gem_dir}/cache +%dir %{gem_dir}/doc +%dir %{gem_dir}/extensions +%dir %{gem_dir}/gems +%dir %{gem_dir}/specifications +%dir %{gem_dir}/specifications/default +%dir %{_exec_prefix}/lib*/gems +%dir %{_exec_prefix}/lib*/gems/ruby + +%files devel +%{_rpmconfigdir}/macros.d/macros.rubygems +%{_rpmconfigdir}/fileattrs/rubygems.attr +%{_rpmconfigdir}/rubygems.req +%{_rpmconfigdir}/rubygems.prov + +%files doc +%doc %{gem_dir}/doc/* + + +%changelog +* Fri Jul 26 2019 Fedora Release Engineering - 2.6.13-104 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Feb 02 2019 Fedora Release Engineering - 2.6.13-103 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Sat Jul 14 2018 Fedora Release Engineering - 2.6.13-102 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Feb 09 2018 Fedora Release Engineering - 2.6.13-101 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Sep 05 2017 Vít Ondruch - 2.6.13-100 +- Update to RubyGems 2.6.13. + +* Thu Jul 27 2017 Fedora Release Engineering - 2.6.10-101 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Mar 07 2017 Vít Ondruch - 2.6.10-100 +- Update to RubyGems 2.6.10. + +* Sat Feb 11 2017 Fedora Release Engineering - 2.4.8-102 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Feb 04 2016 Fedora Release Engineering - 2.4.8-101 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jul 10 2015 Vít Ondruch - 2.4.8-100 +- Update to RubyGems 2.4.8. + +* Fri Jun 19 2015 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 07 2014 Vít Ondruch - 2.2.2-100 +- Update to RubyGems 2.2.2. + +* Fri Jan 10 2014 Mamoru TASAKA - 2.1.11-115 +- Add extension directory also to WhichCommand::gem_paths (bug 1051169) + +* Fri Dec 13 2013 Mamoru TASAKA - 2.1.11-114 +- Add extension directory to contains_requirable_file (bug 1041391) + +* Thu Nov 14 2013 Mamoru TASAKA - 2.1.11-113 +- Update to 2.1.11 + +* Sat Oct 26 2013 Mamoru TASAKA - 2.1.10-112 +- Update to 2.1.10 + +* Mon Oct 21 2013 Mamoru TASAKA - 2.1.9-111 +- Update to 2.1.9 + +* Tue Oct 15 2013 Mamoru TASAKA - 2.0.12-110 +- Backport from 2.1.x branch to fix concurrent requires issue + (ref:bug 989574) + +* Tue Oct 15 2013 Mamoru TASAKA - 2.0.12-109 +- Update to 2.0.12 +- Un-unlink %%{_sysconfdir}/pki/tls/cert.pem with discussion with + Vít Ondruch + +* Wed Oct 9 2013 Mamoru TASAKA - 2.0.11-108 +- Add BR: cmake for TestGemExtCmakeBuilder + +* Wed Oct 9 2013 Mamoru TASAKA - 2.0.11-107 +- Update to 2.0.11 + +* Wed Sep 25 2013 Mamoru TASAKA - 2.0.10-106 +- Update to 2.0.10 (fix for CVE-2013-4363 included) + +* Mon Sep 23 2013 Mamoru TASAKA - 2.0.9-105 +- Update to 2.0.9 +- Fix %%gem_dir/doc ownership (bug 1008866) +- Patch for CVE-2013-4363 + +* Tue Sep 10 2013 Mamoru TASAKA - 2.0.8-104 +- Update to 2.0.8, which fixes CVE-2013-4287 + +* Fri Aug 16 2013 Mamoru TASAKA - 2.0.7-103 +- Update to 2.0.7 + +* Thu Aug 15 2013 Mamoru TASAKA - 2.0.6-102 +- Update to 2.0.6 + +* Sun Aug 04 2013 Fedora Release Engineering - 2.0.5-101 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 15 2013 Mamoru TASAKA - 2.0.5-100 +- Update to 2.0.5 +- Show backtrace when %%gem_install fails + +* Thu Jul 04 2013 Vít Ondruch - 2.0.3-2 +- Fix RubyGems search paths when building gems with native extension + (rhbz#979133). + +* Thu Mar 21 2013 Mamoru TASAKA - 2.0.3-1 +- Update to 2.0.3 + +* Fri Mar 08 2013 Mamoru TASAKA - 2.0.0-108 +- Don't mark rpm config file as %%config (fpc#259) + +* Tue Mar 05 2013 Vít Ondruch - 2.0.0-107 +- Avoid "method redefined;" warnings due to modified operating_system.rb. + +* Tue Mar 5 2013 Mamoru Tasaka - 2.0.0-106 +- Fix regex for creating native extension directory + (Vít Ondruch ) + +* Sun Mar 3 2013 Mamoru TASAKA - 2.0.0-105 +- Kill creating unneeded LOCAL_LIBS\ = directory under + %%gem_libdir when building native extension + +* Wed Feb 27 2013 Mamoru TASAKA - 2.0.0-104 +- Kill %%gem_extdir + +* Tue Feb 26 2013 Vít Ondruch - 2.0.0-103 +- Prevent squash of %%gem_install with following line. + +* Mon Feb 25 2013 Mamoru TASAKA - 2.0.0-102 +- Provide %%gem_extdir_mri + +* Mon Feb 25 2013 Mamoru TASAKA - 2.0.0-101 +- Split out ri-generated documentation + +* Mon Feb 25 2013 Mamoru TASAKA - 2.0.0-100 +- Update to 2.0.0 + +* Mon Feb 25 2013 Mamoru TASAKA - 1.8.25-3 +- Backport %%gem_install macro + +* Tue Feb 5 2013 Mamoru TASAKA - 1.8.25-2 +- Fix rubygem(json) path + +* Tue Feb 5 2013 Mamoru TASAKA - 1.8.25-1 +- 1.8.25 + +* Tue Feb 5 2013 Mamoru TASAKA - 1.8.24-4 +- Bump release + +* Wed Sep 05 2012 Vít Ondruch - 1.8.24-3 +- Fixed Fedora 18 mass rebuild issue. + +* Sat Jul 21 2012 Fedora Release Engineering - 1.8.24-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Apr 28 2012 Mamoru Tasaka - 1.8.24-1 +- 1.8.24 + +* Sat Apr 21 2012 Mamoru Tasaka - 1.8.23-20 +- 1.8.23 +- Use system-wide cert.pem + +* Wed Apr 18 2012 Mamoru Tasaka - 1.8.22-1 +- 1.8.22 + +* Thu Jan 26 2012 Vít Ondruch - 1.8.15-2 +- Make test suite green. + +* Thu Jan 26 2012 Mamoru Tasaka - 1.8.15-1 +- 1.8.15 + +* Thu Jan 26 2012 Mamoru Tasaka - 1.8.11-10 +- Incorpolate works by Vít Ondruch + made for ruby 1.9.x + +* Sat Jan 14 2012 Fedora Release Engineering - 1.8.11-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Nov 22 2011 Mamoru Tasaka - 1.8.11-1 +- 1.8.11 + +* Sun Aug 28 2011 Mamoru Tasaka - 1.8.10-1 +- 1.8.10 + +* Thu Aug 25 2011 Mamoru Tasaka - 1.8.9-1 +- 1.8.9 + +* Sun Aug 21 2011 Mamoru Tasaka - 1.8.8-1 +- 1.8.8 + +* Sat Aug 6 2011 Mamoru Tasaka - 1.8.7-1 +- 1.8.7 + +* Wed Jul 27 2011 Mamoru Tasaka - 1.8.6-1 +- 1.8.6 + +* Sat Jun 25 2011 Mamoru Tasaka - 1.8.5-2 +- Fix Gem.latest_load_paths (for rubygem-gettext FTBFS) +- Fix Gem.all_load_paths (for rubygem-gettext FTBFS, although it is already + deprecated from 1.7.0) + +* Wed Jun 1 2011 Mamoru Tasaka - 1.8.5-1 +- Try 1.8.5 + +* Tue May 24 2011 Mamoru Tasaka - 1.7.2-2 +- Handle gemspec file with containing "invalid" date format + generated with psych (ref: bug 706914) + +* Sat Apr 30 2011 Mamoru Tasaka - 1.7.2-1 +- Update to 1.7.2 + +* Sat Mar 12 2011 Mamoru Tasaka - 1.6.2-1 +- Update to 1.6.2 + +* Fri Mar 4 2011 Mamoru Tasaka - 1.6.1-1 +- Update to 1.6.1 +- Patch2, 4 upstreamed + +* Thu Mar 3 2011 Mamoru Tasaka - 1.6.0-1 +- Update to 1.6.0 + +* Sun Feb 27 2011 Mamoru Tasaka - 1.5.3-1 +- Update to 1.5.3 + +* Sun Feb 20 2011 Mamoru Tasaka - 1.5.2-1 +- Update to 1.5.2 +- Show rdoc process verbosely in verbose mode + +* Fri Feb 11 2011 Mamoru Tasaka - 1.5.0-2 +- Modify in-sync patch to keep the original behavior (for testsuite) +- Patch to make testsuite succeed, enabling testsuite + +* Thu Feb 10 2011 Mamoru Tasaka - 1.5.0-1 +- Update to 1.5.0 + +* Wed Feb 09 2011 Fedora Release Engineering - 1.3.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Oct 8 2010 Mamoru Tasaka - 1.3.7-2 +- Show build process of extension library in sync + +* Mon May 17 2010 Mamoru Tasaka - 1.3.7-1 +- Update to 1.3.7, dropping upstreamed patch + +* Wed Apr 28 2010 Mamoru Tasaka - 1.3.6-1 +- Update to 1.3.6 +- Show prefix with gem contents by default as shown in --help + +* Mon Sep 21 2009 Mamoru Tasaka - 1.3.5-1 +- Update to 1.3.5 + +* Sun Jul 26 2009 Fedora Release Engineering - 1.3.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Feb 25 2009 Fedora Release Engineering - 1.3.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sun Nov 09 2008 Jeroen van Meeuwen - 1.3.1-1 +- New upstream version + +* Tue Sep 16 2008 David Lutterkort - 1.2.0-2 +- Bump release because I forgot to check in newer patch + +* Tue Sep 16 2008 David Lutterkort - 1.2.0-1 +- Updated for new setup.rb +- Simplified by removing conditionals that were needed for EL-4; + there's just no way we can support that with newer rubygems + +* Wed Sep 3 2008 Tom "spot" Callaway - 0.9.4-2 +- fix license tag + +* Fri Jul 27 2007 David Lutterkort - 0.9.4-1 +- Conditionalize so it builds on RHEL4 + +* Tue Feb 27 2007 David Lutterkort - 0.9.2-1 +- New version +- Add patch0 to fix multilib sensitivity of Gem::dir (bz 227400) + +* Thu Jan 18 2007 David Lutterkort - 0.9.1-1 +- New version; include LICENSE.txt and GPL.txt +- avoid '..' in gem_dir to work around a bug in gem installer +- add ruby-rdoc to requirements + +* Tue Jan 2 2007 David Lutterkort - 0.9.0-2 +- Fix gem_dir to be arch independent +- Mention dual licensing in License field + +* Fri Dec 22 2006 David Lutterkort - 0.9.0-1 +- Updated to 0.9.0 +- Changed to agree with Fedora Extras guidelines + +* Mon Jan 9 2006 David Lutterkort - 0.8.11-1 +- Updated for 0.8.11 + +* Sun Oct 10 2004 Omar Kilani 0.8.1-1ts +- First version of the package diff --git a/sources b/sources new file mode 100644 index 0000000..2e443bc --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (rubygems-2.6.13.tgz) = c952b6061a9a0778db304c3aa5bea693e71ae2564abfb19f8b123eef66eb1e3877fc7c36f4f1527da97bb320870cbfd4574ac57ad88e850a44fadd67ebdac152